Windows users are being targeted by a new scam involving fake software updates, cybersecurity researchers have warned. Attackers are luring users to deceptive websites that mimic official Microsoft pages, prompting them to download what appears to be a legitimate Windows update. However, the downloaded file actually contains harmful malware designed to steal sensitive information such as passwords and payment details.
According to Malwarebytes researchers, the scam websites closely resemble Microsoft Support and Windows Update pages, using similar fonts, colors, and design to deceive users. To avoid falling victim to this scam, users are advised not to click on any links in suspicious emails or messages claiming that an urgent update is required. Instead, they should manually check for updates through the Windows Update feature in Settings.
The malicious file being distributed appears authentic, making it difficult for users and security software to detect its harmful nature. While the scam seems to be targeting users in France primarily, experts caution that it could quickly spread to other regions. To protect themselves, Windows users are urged to refrain from clicking on update links from untrusted sources and to enable automatic updates to reduce the risk of falling for fake update scams.
In particular, Windows 11 users are warned to be cautious of unexpected messages demanding urgent updates. Installing software only through official Microsoft channels is the most effective defense against these types of attacks.
